Package zeroecho.core.alg.common.agreement

Class KemMessageAgreementAdapter

java.lang.Object
zeroecho.core.alg.common.agreement.KemMessageAgreementAdapter
All Implemented Interfaces:
Closeable, AutoCloseable, AgreementContext, CryptoContext, MessageAgreementContext
public final class KemMessageAgreementAdapter extends Object implements MessageAgreementContext

Adapter: using a KEM as a message-based agreement primitive

KemMessageAgreementAdapter adapts a KemContext into a MessageAgreementContext, making KEMs usable in higher-level protocols that expect a two-party message agreement API.

Roles

Lifecycle

  1. Create via KemMessageAgreementAdapter.Builder with a bound KemContext.
  2. Initiator calls getPeerMessage() to obtain ciphertext to transmit.
  3. Responder calls setPeerMessage(byte[]) with received ciphertext.
  4. Both parties call deriveSecret() to obtain the agreed secret.

Thread-safety

Instances are not thread-safe; synchronize externally if sharing across threads.
Since:
1.0

  • Method Details

    • builder

      public static KemMessageAgreementAdapter.Builder builder()
      Returns a new builder for constructing a KemMessageAgreementAdapter.
      Returns:
      builder instance

    • setPeerMessage

      public void setPeerMessage(byte[] message)
      Stores the peer’s ciphertext for decapsulation.
      Specified by:
      setPeerMessage in interface MessageAgreementContext
      Parameters:
      message - ciphertext received from initiator
      Throws:
      IllegalStateException - if called in initiator mode

    • getPeerMessage

      public byte[] getPeerMessage()
      Returns the ciphertext produced by encapsulation.
      Specified by:
      getPeerMessage in interface MessageAgreementContext
      Returns:
      defensive copy of ciphertext to send
      Throws:
      IllegalStateException - if called in responder mode

    • setPeerPublic

      public void setPeerPublic(PublicKey peer)
      No-op for KEM-based contexts.

      Unlike Diffie–Hellman, KEMs are already bound to the correct key at construction. This method exists for interface symmetry.

      Specified by:
      setPeerPublic in interface AgreementContext
      Parameters:
      peer - ignored

    • deriveSecret

      public byte[] deriveSecret()
      Derives the shared secret from this exchange.
      Specified by:
      deriveSecret in interface AgreementContext
      Returns:
      defensive copy of the derived secret
      Throws:
      UncheckedIOException - if encapsulation/decapsulation fails

    • algorithm

      public CryptoAlgorithm algorithm()
      Returns the underlying algorithm descriptor.
      Specified by:
      algorithm in interface CryptoContext
      Returns:
      algorithm bound to this adapter

    • key

      public Key key()
      Returns the key bound to the underlying KEM context.
      Specified by:
      key in interface CryptoContext
      Returns:
      encapsulation (public) or decapsulation (private) key

    • close

      public void close() throws IOException
      Closes the underlying KEM context if it is closeable.
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Closeable
      Specified by:
      close in interface CryptoContext
      Throws:
      IOException - if the wrapped context fails to close